There are no reviews yet. Be the first to send feedback to the community and the maintainers!
SQLMAP-Web-GUI
PHP Frontend to work with the SQLMAP JSON API Server (sqlmapapi.py) to allow for a Web GUI to drive near full functionality of SQLMAP!JSRat-Py
This is my implementation of JSRat.ps1 in Python so you can now run the attack server from any OS instead of being limited to a Windows OS with Powershell enabled.BinGoo
BinGoo! A Linux bash based Bing and Google Dorking Toolcreep3r
This is a big smash up of a lot of various tools I have made in the past along with some new ones. It includes a array of tools for helping with pentesting and messing around on the net. Currently only have installer files made for Ubuntu & Debian systems, but if you know what you're doing you can easily read them and get what you need to get all the dependencies installed on your own. I made a quick basic demonstration video you to give a general overview of what it has included, you can watch it here: http://youtu.be/z9rq1SBIYI0 Here is another short video to show how the Dorker piece works: http://youtu.be/43aphr0QRng It's a bit of a constant work in progress but will be posting updates from time to time as I add more stuff and get them stabilized and working properly without much issue. If you have any questions, comments, or suggestions just let me know. Thanks, H.R.CVE-2016-3714
ImaegMagick Code Execution (CVE-2016-3714)Linux-RDP
Linux RDP Scanner and Bruteforcer Scriptsaddicted2hash
Hashcat Bash Scripts for bulk hash file processingSQLi
General Scripts to help with various types of SQL InjectionKalista
A Kali Linux Tool to assist with security audits and pentesting. Lots of wrappers for commonly used tools to help extend their usefulness while making a lot of the experience easy on the user.Y.A.S.P.
Yet Another SMB PSEXEC (Y.A.S.P) ToolLotusCMS-Exploit
LotusCMS 3.0 eval() Remote Command ExecutionRuby-Bind-and-Reverse-Shells
Ruby Bind and Reverse Shells I wrote using standard libs. Bind Shell includes authentication while reverse does not. Standard libs only so should work in most places you find Ruby supported. Hope its helpsful to someone.....Reverser
Reverser - A Quick Reverse Connection Deployment ScriptInf0rm3r
Inf0rm3r - A Linux Info & Ssytem Enumeration ScriptSearchSploits.rb
Search Tool for easy handling of the Exploit-DB Archive & associated CSV fileRubyCat
RubyCat - A Pure Ruby NetCat AlternativeShodanAPI
This is the Shodan API Class & Search tool that I wrote in Ruby since their default API wasn't working for me. You can either drop the API class in and use how you like or you can just use or tweak the tool I made iwth it. Open to questions, suggestions and general feedback...PMA
Simple PhpMyAdmin Finder and Bruteforcer ScriptDing.rb
Ding-2: A Faster Better Bing Dork ScannerD-Link-Dir-600---Dir-300-RCE-Exploit
D-Link Dir-600 & Dir-300 RCE Exploit By: Hood3dRob1n ============ Vulnerable Firmware Releases - DIR-300: ============ Firmware Version : 2.12 - 18.01.2012 Firmware Version : 2.13 - 07.11.2012 ============ Vulnerable Firmware Releases - DIR-600: ============ Firmware-Version : 2.12b02 - 17/01/2012 Firmware-Version : 2.13b01 - 07/11/2012 Firmware-Version : 2.14b01 - 22/01/2013 In response to vuln & PoC posted on PacketStorm, by Michael Messner: http://packetstormsecurity.com/files/120052/D-Link-DIR-600-DIR-300-Command-Execution-Bypass-Disclosure.html PIC: http://i.imgur.com/nrmRxLi.png PIC: http://i.imgur.com/jtMmCps.pngsmbclient-rb
A Ruby class which wraps the smbclient tool to make easily available from your Ruby scripts/appsHR-WebShell
A web shell I made while trying to pick up PHP.phpThumb_rce.rb
phpThumb <= 1.7.9-2008 RCE ExploitPHPKIT
PHPKIT <= 1.6.1 SQLi Exploit ScriptWhatsMyIP.rb
Simple Script to find both Internal and External IP AddressesWebmin-LFD
Webmin|Usermin <= 1.29x Remote File Disclosure ExploitMySQL-Fu.rb
MySQL-Fu is a Ruby based MySQL Client Script I wrote. It does most of the stuff a normal MySQL client might do: SQL Shell, Update/Delete/Drop Database/Table, Add/Delete Users, Dump Database(s)/Table w/ option for gzip...... Plus a few extra options to make life a little easier for pentests. Includes Several builtin PHP Command Shell options as well as Pentestmonkey's PHP Reverse Shell, in addition to multiple options for file writing and reading (all files read logged locally for offline analysis later), also includes Ruby port of Kingcope's CVE-2012-5613 Linux MySQL Privilege Escalation Exploit.ipb_lt-3.3.4_rce.rb
IPB <= 3.3.4 Remote Code Execution Exploitrpcclient-rb
A Ruby class which wraps the rpcclient tool to make easily available from your Ruby scripts/appsSYM
Bash Symlinker Script (OS, Perl, or PHP based methods)Exploit-DB-Local-Archive-Search-Tool
This is a Ruby script I wrote to perform searches against the Exploit-DB Local Archive. It adds some better logic to the searches over the bash version in my opinion, also adds some much needed color :)Shell-Storm-Ruby-API
# Search and display all shellcodes in shell-storm database # I just wanted to make my own version in Ruby for fun :p Many Thanks to Jonathan Salwan for his hard work and great site!Love Open Source and this site? Check out how you can help us